<?php
	require('../../include/connectdb.php');
	session_start();
	if($_SESSION['login']==false){
	$_SESSION['error']="Cảnh báo: bạn phải đăng nhập trước khi vào phần quản trị trang web";
	header('location:../index.php');
	}
	$act=$_GET['act'];
	$s='';
	if(!isSet($_GET['type'])){
		$modify=$_REQUEST['type'];
		$length=strlen($modify);
		$pos=strpos($modify,'_');
		$type=substr($modify,0,$pos);
		$sts=substr($modify,$pos+1,$length-1-$pos);
		$status=($sts=='')?0:(int)$sts;
	}
	else{
		$type=$_GET['type'];
	}
		
	switch($type){
		case 'dm': 
			$s="domain";
			break;
		case 'pm': 
			$s="phanmem";
			break;
		case 'sp': 
			$s="sanpham";
			break;
		case 't2': 
			$s="tintuc";
			break;
		case 'tv': 
			$s="tuvan";
			break;
		case 'w': 
			$s="web";
			break;
		case 'dv': 
			$s="dichvu";
			break;					
	}
		
	if($act=='edit'){
		$status=isSet($_POST['status'])?$_POST['status']:0;
		$ID=$_GET['ID'];
		$title=$_POST['title'];
		$detail=$_POST['detail'];
		$sql="select * from ".$s." where ".$type."Id=".$ID;
		$res=mysql_query($sql);
		$r=mysql_fetch_array($res);
		if($r[$type."Title"]!=$title){
			$sql="update ".$s." set ".$type."Title='".$title."' where ".$type."Id=".$ID;
			mysql_query($sql);
		}
		if($r[$type."Detail"]!=$detail){
			$sql="update ".$s." set ".$type."Detail='".$detail."' where ".$type."Id=".$ID;
			mysql_query($sql);
		}
		if($r[$type."Status"]!=$status){
			$sql="update ".$s." set ".$type."Status='".$status."' where ".$type."Id=".$ID;
			mysql_query($sql);
		}
		$location="location:../main.php?page=lart&type=".$type;
		header($location);
	}
	if($act=='add'){
		$title=$_POST['title'];
		$detail=$_POST['detail'];
		$img=$_POST['img'];
		$sql="insert ".$s." (".$type."Title,".$type."Detail,".$type."Status) values ('".$title."','".$detail."',".$status.")";
		mysql_query($sql);
		$location="location:../main.php?page=lart&type=".$type;
		header($location);
	}
	if($act=='del'){
		$ID=$_GET['ID'];
		$sql="delete from ".$s." where ".$type."Id=".$ID;
		mysql_query($sql);
		$location="location:../main.php?page=lart&type=".$type;
		header($location);
	}
?>